1#!/bin/sh 2# $FreeBSD$ 3 4dir=`dirname $0` 5. ${dir}/misc.sh 6 7echo "1..48" 8 9# Verify if security.mac.portacl.suser_exempt=1 really exempts super-user. 10 11sysctl security.mac.portacl.suser_exempt=1 >/dev/null 12 13bind_test ok ok uid root tcp 77 14bind_test ok ok uid root tcp 7777 15bind_test ok ok uid root udp 77 16bind_test ok ok uid root udp 7777 17 18bind_test ok ok gid root tcp 77 19bind_test ok ok gid root tcp 7777 20bind_test ok ok gid root udp 77 21bind_test ok ok gid root udp 7777 22 23# Verify if security.mac.portacl.suser_exempt=0 really doesn't exempt super-user. 24 25sysctl security.mac.portacl.suser_exempt=0 >/dev/null 26 27bind_test fl ok uid root tcp 77 28bind_test ok ok uid root tcp 7777 29bind_test fl ok uid root udp 77 30bind_test ok ok uid root udp 7777 31 32bind_test fl ok gid root tcp 77 33bind_test ok ok gid root tcp 7777 34bind_test fl ok gid root udp 77 35bind_test ok ok gid root udp 7777 36 37# Verify if security.mac.portacl.port_high works for super-user. 38 39sysctl security.mac.portacl.port_high=7778 >/dev/null 40 41bind_test fl ok uid root tcp 77 42bind_test fl ok uid root tcp 7777 43bind_test fl ok uid root udp 77 44bind_test fl ok uid root udp 7777 45 46bind_test fl ok gid root tcp 77 47bind_test fl ok gid root tcp 7777 48bind_test fl ok gid root udp 77 49bind_test fl ok gid root udp 7777 50 51restore_settings 52